The Obama administration on Thursday endorsed a cybersecurity bill that will get a vote next week in the Senate.
Lauding the Senate Intelligence Committee’s recent work that tweaked the bill to bolster its privacy protections, the White House said it supports passage of the Cybersecurity Information Sharing Act, or CISA, but laid out a few outstanding concerns.
The bill overcame a key procedural hurdle Thursday when the Senate overwhelmingly voted to move CISA forward. Next week, a handful of amendments will receive a vote before the Senate votes on final passage of the bill.
CISA offers incentives to private companies to share information about cyberthreats with the government and other businesses, with the goal of boosting the cybersecurity of all involved.
The bill, which passed out of the Senate Intelligence Committee nearly unanimously earlier this year, is backed by business, financial, and retail associations, but has come under heavy fire from civil-rights and privacy groups that consider the bill’s privacy protections too weak. In recent weeks, a growing number of tech companies and the associations that represent them have also distanced themselves from the bill.
The White House’s statement released Thursday night is a rejection of the groups’ attempts to organize a grassroots backlash against CISA. A number of organizations banded together this week to encourage constituents to call their senators, and planned an anti-CISA rally in front of the Capitol Thursday night.
In the statement, the administration said it was “encouraged” by the effort from cosponsors Richard Burr and Dianne Feinstein to work in amendments and changes to their bill, which it said “strengthened the legislation and incorporated important modifications to better protect privacy.”
But the White House also argued that the Department of Homeland Security should be the central clearinghouse for incoming data, and criticized the bill for allowing companies to share data with any agency, including military agencies like the National Security Agency. The statement urged senators to reject amendments that would offer liability protections to companies for sharing with government entities other than DHS. The administration was likely referring to an amendment offered by Sen. Tom Cotton that would extend protection for companies that share information with the FBI or the Secret Service.
The administration said it also opposes CISA’s authorization of certain defensive measures, which it said could result in “a direct deleterious impact on foreign policy, the integrity of information systems, and cybersecurity” if used improperly.
The White House had previously indicated its support for the Senate information-sharing legislation, but the official statement of administration policy released Thursday is the most detailed outline it has shared of its support and reservations. In 2012 and 2013, the White House threatened to veto a related bill, the Cyber Intelligence Sharing and Protection Act, or CISPA, saying it lacked adequate privacy protections.
Even if CISA passes on Tuesday, there are several hurdles left for it to clear before it arrives at the president’s desk. Two separate House versions of the bill would still need to be aligned with the Senate bill in a conference, and both chambers would need to pass a final, unified version of the legislation.